If you’ve now using or about to begin switching to Windows 7, Robert Shimonski has written a fairly in-depth overview of Windows 7’s security capabilities, and how to harden the OS, including manual tuning and the usage of security templates from Microsoft.
Regardless of which version of OS you are running, this is a good set of steps to follow to start out fresh, clean, streamlined, and secure:
Step 1 – Installation of Base OS selecting any options during installation the increases security and not selecting unneeded services, options and programs.
Step 2 – Installation of any Administrator toolkits, security tools and needed programs.
Step 3 – Remove services, programs and unneeded software. Disable or remove unused user accounts or groups.
Step 4 – Service Pack update, hot fixes and service packs. Update all installed programs as well.
Step 5 – Run security audit scanner, template, MBSA, etc to assess current security level
Step 6 – Run System Restore and create a restore point. Backup and Restoration application for disaster recovery.
Step 7 – Backup the OS with a way to quickly restore it in the event of disaster.
This list is a simple guide. You can add more steps and extend this list further. This list is not definitive, but a good start in getting an idea of where to start when applying security to Windows 7 after a base installation. If completing a fresh install of Windows 7, then the next step is to remove any unwanted software, services, protocols and programs that you do not want or need running on it. This can be done easily in the Control Panel.